An Open Source CPU!?

[AlexTheGreatish]

As making faster CPUs gets more difficult on the hardware side, a group of researchers have looked into improving them on the software side by creating a new instruction set that someday might completely replace x86 and ARM.

 

Check out SiFive: https://www.sifive.com/

 

Buy more RISC-V knowledge
On Amazon: http://geni.us/LXBbYz6
On Amazon: http://geni.us/0URdH0z

[GertV]

"improving them on the hardware side by creating" 

Do you mean on the software side?

[AlexTheGreatish]

1 minute ago, Gert Verhoek said:

"improving them on the hardware side by creating" 

Do you mean on the software side?

Yes....

[Guest]

very cool, looking good for the future. 

[williamcll]

This seem prone to hacking

[Zando_]

21 minutes ago, AlexTheGreatish said:

Yes....

I assume this is why you're only Alex the Greatish? 

[DocSwag]

Thank you LTT, very cool!

[Ryujin2003]

Open source CPU... Not as opened as Linus's mouth in the thumbnail.

 

6 minutes ago, williamcll said:

This seem prone to hacking

Intel isn't opensourced...

 

One thing open source has going for it is that there is issues a community that helps with that. Can have many issues at first, but hopefully improves faster than the proprietary designs of the competitors.

[BlueFire126]

15 minutes ago, williamcll said:

This seem prone to hacking

Exactly what I was thinking every secruity gap is visible just look at meltdown and now think about what will happen if you know the micro code.

[samcool55]

16 minutes ago, williamcll said:

This seem prone to hacking

Yes and no, the advantage open-source has that it is impossible to hide anything. Like backdoors for example would be found. Also if something is dodgy someone will notice it, i mean people found out recently an important account from the person that developed gentoo was compromised because there were some dodgy commits done with his account. Gentoo isnt that massive so i can imagine it being almost impossible to hide something dodgy especially if it has a decent community.

Also, closed-source is also prone to hacking, i mean look at Intel with meltdown or the backdoor recently found in VIA chips. If it would have been open-source they probably found those problems much sooner.

[samcool55]

10 minutes ago, BlueFire126 said:

Exactly what I was thinking every secruity gap is visible just look at meltdown and now think about what will happen if you know the micro code.

Well one thing is that people that find exploits can figure out why it works and write a patch for it.

Like, we know how meltdown works, but we do not know WHY it works because we cant check the code that causes the exploit to be a thing. Writing a fix for it is impossible unless you have access to the source, which we dont. Only intel can do that.

[SecureCloud]

I'm all for the idea of a open sourced CPU, I remember when I was looking into embedded programming running across RISC, but back then there wasn't much support and/or hardware.. it was skipped.. I hope this does take off..

 

not to be the skeptic.. Sorry Linus.. but the $1,000 CPU price tag you mentioned, Intel & AMD have $1,000 CPU's too & have much more maturity.. I get your not saying mainstream right now..

 

But I seen "ISA" mentioned quite a few times.. wasn't that the connection type used before PCI? (Yes I feel old)

 

I would like to see a 3rd contender in the CPU market.. besides red & blue.. maybe that would drive sales down.. right now they only have to compete with each other.. Two rich kids playing Monopoly.

[kirashi]

2 hours ago, williamcll said:

This seem prone to hacking

2 hours ago, BlueFire126 said:

Exactly what I was thinking every secruity gap is visible just look at meltdown and now think about what will happen if you know the micro code.

As noted below by 2 other forum members, open-source actually benefits the community as a whole, since it allows anyone to discover vulnerabilities in the micro-code, write fixes, and release them back to the community unencumbered by patents, trademarks, or copyright lawsuits. Closed-source hardware and software are just as prone to discovering vulnerabilities as the open-source counterparts, but due to the closed nature of their platforms are less likely to receive a fix without the consent or approval of the manufacturer, often due to encryption keys or the risk of lawsuits.

 

Meltdown and Spectre are just 2 examples of existing flaws that were discovered back in 1995, and yet they weren't even publicized until 20 years later. That tells you how little Intel / AMD / other CPU manufacturers actually recognized the severity of these flaws. Now, I'm not here to play the "conspiracy and lies" game, as I'd like to believe all companies strive to create secure, safe, and functional computing platforms, but it really looks like someone, somewhere in the CPU manufacturing industry decided these flaws weren't so serious when discovered.

 

https://pdfs.semanticscholar.org/2209/42809262c17b6631c0f6536c91aaf7756857.pdf

 

I realize the point of closed-source systems protects trade secrets and allows for a certain amount of exclusivity around a products' lifecycle and that open-sourcing can indeed hurt a manufacturer's bottom line in terms of profits, but this should never, ever, ever, never come at the expense of security to the consumer. EVER. The last thing I'd want as a company is a class action lawsuit against me, not for liability due to a software bug (since no software license agreement allows liability claims), but for gross negligence to fix a known issue that had been discovered 20+ years ago.

 

2 hours ago, Ryujin2003 said:

One thing open source has going for it is that there is issues a community that helps with that. Can have many issues at first, but hopefully improves faster than the proprietary designs of the competitors.

1 hour ago, samcool55 said:

Yes and no, the advantage open-source has that it is impossible to hide anything. Like backdoors for example would be found. Also if something is dodgy someone will notice it, i mean people found out recently an important account from the person that developed gentoo was compromised because there were some dodgy commits done with his account. Gentoo isnt that massive so i can imagine it being almost impossible to hide something dodgy especially if it has a decent community.

Also, closed-source is also prone to hacking, i mean look at Intel with meltdown or the backdoor recently found in VIA chips. If it would have been open-source they probably found those problems much sooner.

 

42809262c17b6631c0f6536c91aaf7756857[1].pdf

[Sauron]

Quake 2 in a LTT video... I'm so happy I could cry 

[Mira Yurizaki]

2 hours ago, kirashi said:

-Snip-

The thing with security is it's entirely about risk management. Even if you know there is a security flaw, you have to decide whether or not to accept the risk. For instance every encryption method has a security flaw in that they're always going to be susceptible to brute force attacks. But the risk of it actually working is very minimal, except for older methods like DES where a modern GPU can probably figure out the key within hours. And yes, I understand that's an extreme example, but what's more important than just knowing your system has flaws is knowing what those flaws are, how they work, and what the feasibility is of it being put to practice.

 

The problem isn't really knowing that you have a flaw and not doing anything to fix it. It's knowing you have a flaw and believing the original assessment is always going to be valid.

Edited August 22, 2018 by M.Yurizaki
Oh boy, I can't write today.

[Chett_Manly]

Is it a Canadian thing that he says Deebian, for Debian?

 

Quote

The project name is pronounced Deb'-ee-en, with a short e in Deb, and emphasis on the first syllable. This word is a contraction of the names of Debra and Ian Murdock, who founded the project.

 

[MasterJV]

I just want to say THANK YOU to Linus and whoever in the team has been pushing for more videos on open source. I'm gonna sound like a neckbeard Linux keyboard warrior but Open Source should really be the future. And it's videos like these that help get more regular people educated about these project and that is what will drive the projects further. 

[MasterJV]

8 hours ago, williamcll said:

This seem prone to hacking

This is going to sound wierd but that is a good thing. If something is open source, then its security can be audited by everyone from high school students to hackers to professional security specialist. No need to reverse engineering anything, no need to pay to see the source code, no fear of a company sending the FBI to your door. Find an exploit? You can actually do something about it. 

[Mira Yurizaki]

Now that I think about it, the video is talking about an instruction set architecture (ISA) of the CPU, not the actual implementation of it. The ISA may not have a security issue since it merely describes the "what should be done", but the implementation of it, or the "how it's done", in the CPU can have a security issue. And the implementation may still be proprietary and closed.

 

Spectre and Meltdown weren't the result of using a proprietary ISA. It was the result of implementing certain things in a way that caused issues. For example on a software side of things: the Heartbleed issue. It was a problem with how SSL and TLS were implemented in OpenSSL, rather than a problem with SSL or TLS itself.

 

Basically what I'm saying is, if you implement things poorly even using an open architecture like RISC-V, you can still have a security issue like Spectre.

[sydh]

This will be a interesting project to follow for sure.

[GodAtum]

Where can I buy one?

[dreamer77dd]

SiFive does a modem?

What can you do with an open source modem? hmm

64bit Modem,

The E5 Series offers 64-bit RISC-V performance in 32-bit power and area.

Not sure if modems need 64bit or that they already are 64bit hardware.

I am kind of sure we are going in that direction.

https://www.sifive.com/products/risc-v-core-ip/e5/

[xnamkcor]

Can an x86 motherboard maker add that silly 36+16 pin connector so you can use the RV as a sandbox environment or a co-processor?

[AhaaOkay]

On 8/22/2018 at 8:33 PM, AlexTheGreatish said:

As making faster CPUs gets more difficult on the hardware side, a group of researchers have looked into improving them on the software side by creating a new instruction set that someday might completely replace x86 and ARM.

 

Check out SiFive: https://www.sifive.com/

 

Buy more RISC-V knowledge
On Amazon: http://geni.us/LXBbYz6
On Amazon: http://geni.us/0URdH0z

Interesting video. 

 

It would be interesting if we've had a little info in the comments what other boards he had on the table to extend functionality of the BEAST (RAM / PCI bus) for starters. 

 

Is the xt910 CPU from alibaba available on a card as it did have a little more umpfff under the hood. 

 

This video was just an appetizer

[AhaaOkay]

On 8/30/2018 at 11:30 PM, xnamkcor said:

Can an x86 motherboard maker add that silly 36+16 pin connector so you can use the RV as a sandbox environment or a co-processor?

Interesting, but not likely.